Senior Analyst, Cyber Governance
Summary of the role
The primary responsibility of the Senior Analyst is to perform duties in one or more of the following areas: vulnerability management, cyber data governance, risk and verification, cyber policy/standards/standard operating procedures development, and penetration testing and red teaming.
All duties are to be performed in accordance with departmental and Las Vegas Sands Corp.’s policies, practices, and procedures.
JOB SCOPE
- This Senior Analyst is expected to perform within the areas of at least one of the following:
- Cyber governance, risk and verification which performs risk assessments, system security and industrial control system zone security plans including listing controls, gaps in implemented controls and tracking remediation of gaps, and provides input to the risk register
- Network and Operating Systems Security Configuration assessment which performs security configuration reviews including hardening controls, firewall rules review, web/application security configurations
- Penetration testing and red teaming which includes performing security testing to identify security vulnerabilities on LVSC applications and environment, providing recommendations for remediation, and tracking and remediating found issues.
- Cyber policy/standard and standard operating procedure creation, review, distribution, and maintenance
- Vulnerability management which includes successfully scanning the LVSC computing environment for secure configurations and vulnerabilities, researching and eliminating false positives, tracking and remediating found issues, and tracking and performing the exception processes
- Consistent and regular attendance is an essential function of this job.
- Performs other related duties as assigned.
JOB REQUIREMENTS
- Degree or diploma with at least 5 years cyber security hands-on experience in one or more of the areas listed in place of a degree.
- Preferrable to have a current and in good standing CISSP or similar certification, and Offensive Security (OSCP, OSWE, OSEP) or Crest (CRT, CCT) certifications
- Demonstrated experience in at least 1 area in the following list:
- Cyber Vulnerability Management
- Cyber Governance, Risk and Verification
- Cyber Policy/Standard/Standard Operating Procedures
- Cyber Penetration Testing and Red Teaming
- Working knowledge of threats and vulnerabilities and their significance to cyber risk, network operations, and end-point security
- Strong interpersonal skills with the ability to communicate effectively with guests and other Team Members of different backgrounds and levels of experience.
- Ability to communicate clearly and effectively in English, both in spoken and written form.
You agree that it is a condition of employment that you adhere to and abide by all rules, regulations, policies and procedures including without limitation the rules of conduct of the Company.
Additional Information
Career Level
Senior Executive
Qualification
Diploma, Advanced/Higher/Graduate Diploma, Bachelor's Degree, Post Graduate Diploma, Professional Degree
Years of Experience
1 year
Job Type
Full-Time
Job Specializations
Computer/Information Technology, IT-Software, IT-Network/Sys/DB Admin
{{notification.msg}}